A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #16280  by Win32:Virut
 Thu Oct 25, 2012 6:29 pm
b685788ae76a9933a0f30f7e7fda84be --> edit: I have found this file _hxxp://goo.gl/vE8bq?foto=l7n.16 with redirect to _hxxp://beurer.by/images/foto_skype_10-24-2012.zip
Thanks
Attachments
Password for archive is "infected".
MD5 of extracted file: b685788ae76a9933a0f30f7e7fda84be

(185.85 KiB) Downloaded 50 times
 #16285  by Xylitol
 Thu Oct 25, 2012 11:42 pm
Win32:Virut wrote:b685788ae76a9933a0f30f7e7fda84be --> edit: I have found this file _hxxp://goo.gl/vE8bq?foto=l7n.16 with redirect to _hxxp://beurer.by/images/foto_skype_10-24-2012.zip
Thanks
infected
(1.42 MiB) Downloaded 73 times
infected
(1.07 MiB) Downloaded 67 times
yokami wrote:MD5 : 92869c9f958b5bfddefc09d6bfc03591
thank you
 #16339  by hnpl2011
 Tue Oct 30, 2012 5:02 am
I'm looking for:
- Mal/JSRedir-M
MD5:
adf8adbb1dc4a1c6e16bed3d93c1e803
1cdd30610aa54d35121dc6a6cce71f8c
- Mal/Iframe-W
MD5:
e7f6edb62284be0fad6b75c5ae56f2a3
38ddc7e31c6351f80900f05d7bd75945
- eblaster:
MD5:
910297800e9dd6157464b6e7d64a7f9a
d5037ab3b58d4263ccc99322e5de316c
d007c776b630a9ac3f7ff3c01ea8c44f

Thanks for help
 #16352  by Win32:Virut
 Wed Oct 31, 2012 8:41 pm
MD5: 0361a4ddebe9c0990f393485fb8ad903
SHA1: 29debfc5df12978d7e5b215aeaa15d894d6d5448
SHA256: 9b2e1c79f412e9beea019457813615e7637f43754320a4336be389d54061d923
https://www.virustotal.com/file/9b2e1c7 ... /analysis/

MD5: 3cc89dbe519434830b41b72e6121bc68
SHA1: 02c115aa05e1dbb10b33541dcd4352846687c220
SHA256: 274cc984b4cd70d75204f6dac27ce371cdbc66e16f41a407e49cd22e5d85a213
https://www.virustotal.com/file/274cc98 ... /analysis/
 #16369  by Win32:Virut
 Thu Nov 01, 2012 7:22 pm
ibcritn wrote:I would like to request the following:
MD5: dece32561247309ddb9ad5c0d1024e56
SHA256: b3a55bcc6f88a60ca25e0a2687a6694756b91f45c6b9c82e249181ff69c93c0f
https://www.virustotal.com/file/b3a55bc ... /analysis/

Thanks in advance.
I know this is Ransomware:

https://twitter.com/abuse_ch/status/263940445174915072
http://t.co/cmcSA0gY
"Your computer has been hacked by the Anonymous Hackers Group and locked for the moment."
I don't have this file.
p4r4n0id wrote:Hi Guys,

Looking for the "xtreme-rat-targets-israeli-government" sample, anyone?

http://blog.trendmicro.com/trendlabs-se ... overnment/

Thx,

p4r4n0id
I have this file:
https://www.virustotal.com/file/946912b ... /analysis/

Please wait a minute, I will find it.

EDIT

Attached.
Attachments
Password is "infected" without quotes
(1.75 MiB) Downloaded 68 times
 #16390  by Xylitol
 Sat Nov 03, 2012 8:28 am
Win32:Virut wrote:MD5: 0361a4ddebe9c0990f393485fb8ad903
SHA1: 29debfc5df12978d7e5b215aeaa15d894d6d5448
SHA256: 9b2e1c79f412e9beea019457813615e7637f43754320a4336be389d54061d923
https://www.virustotal.com/file/9b2e1c7 ... /analysis/

MD5: 3cc89dbe519434830b41b72e6121bc68
SHA1: 02c115aa05e1dbb10b33541dcd4352846687c220
SHA256: 274cc984b4cd70d75204f6dac27ce371cdbc66e16f41a407e49cd22e5d85a213
https://www.virustotal.com/file/274cc98 ... /analysis/
infected
(1.51 MiB) Downloaded 62 times
ibcritn wrote:I would like to request the following:
MD5: dece32561247309ddb9ad5c0d1024e56
SHA256: b3a55bcc6f88a60ca25e0a2687a6694756b91f45c6b9c82e249181ff69c93c0f
https://www.virustotal.com/file/b3a55bc ... /analysis/

Thanks in advance.
infected
(35.86 KiB) Downloaded 46 times
hnpl2011 wrote: I'm looking for:
- Mal/JSRedir-M
MD5:
adf8adbb1dc4a1c6e16bed3d93c1e803
1cdd30610aa54d35121dc6a6cce71f8c
- Mal/Iframe-W
MD5:
e7f6edb62284be0fad6b75c5ae56f2a3
38ddc7e31c6351f80900f05d7bd75945
- eblaster:
MD5:
910297800e9dd6157464b6e7d64a7f9a
d5037ab3b58d4263ccc99322e5de316c
d007c776b630a9ac3f7ff3c01ea8c44f

Thanks for help
infected
(1.65 MiB) Downloaded 64 times